By Elias GrollElias Groll is an assistant editor at Foreign Policy. A native of Stockholm, Sweden, he received his undergraduate degree from Harvard University, where he was the managing editor of The Harvard Crimson.

Internet hackers have found a new home from which to spread online mayhem , and it’s not where you might expect. According to a new report from cloud computing provider Akamai, Indonesia became a hotbed of hacking activity during the first quarter of 2013, rocketing to second place behind China among the most prevalent sources of Internet attacks.

In the final three months of 2012, Indonesia played host to a mere .7 percent of all Internet hacking activity, but during the following three months that figure ballooned to 21 percent. Accounting for a full 34 percent of Internet attacks, China remains the global hacking superpower, but Indonesia’s sudden rise in the tables is indicative of how diffuse networks of hackers around the globe can exploit weaknesses in the web. (It’s theoretically possible that detection has improved but that’s still a pretty incredible jump.)

According to Akamai, the sudden rise in hacking activity emanating from Indonesia probably doesn’t mean hackers are picking up their bags and laptops and decamping for the tropical climes of Jakarta. Rather, the sudden spike in activity is probably indicative of a decision by hacking collectives or large operations to utilize Indonesian servers for botnet operations, automated attacks that use a set of linked programs to carry out an attack and amplify their effect. That same system allows hackers to largely mask their true location.

With 8.3 percent of hacking activity emanating from its shores, the United States comes in third place in Akamai’s ranking. With 4.5 percent and 2.7 percent, respectively, Turkey and Russia round out the top five. Here’s the full ranking:

But this Akamai table also highlights the central problem of confronting hacking activity today: extremely hazy attribution. Consider a scenario in which a large financial institution finds its servers under siege by an attack emanating from a server in Shanghai. The company sees that data and makes an obvious conclusion: the Chinese government is trying to steal the bank’s trade secrets. But IP attribution is not on its own sufficient to ascertain the identity of an attacker — the assault on this hypothetical financial institution could easily have been bounced off servers in different corners of the world to mask the attacker’s actual location. For all the bank knows, it could have been their competitor in the office next door trying to swipe trading strategies.

Unsurprisingly, businesses remain the biggest targets of Internet attacks, according to Akamai. In an examination of so-called distributed denial of service attacks — a type of hack that directs a massive amount of Internet traffic at a given website in order to take it off life — the company found that its enterprise clients received 35 percent of all attacks. The full breakdown is here:

The following graph breaks those attacks down further and show how financial services remain a favorite target of hackers.

Related Stories

John Reed is a national security reporter for Foreign Policy. He comes to FP after editing Military.com’s publication Defense Tech and working as the associate editor of DoDBuzz. Between 2007 and 2010, he covered major trends in military aviation and the defense industry around the world for Defense News and Inside the Air Force. Before moving to Washington in August 2007, Reed worked in corporate sales and business development for a Swedish IT firm, The Meltwater Group in Mountain View CA, and Philadelphia, PA. Prior to that, he worked as a reporter at the Tracy Press and the Scotts Valley Press-Banner newspapers in California. His first story as a professional reporter involved chasing escaped emus around California’s central valley with Mexican cowboys armed with lassos and local police armed with shotguns. Luckily for the giant birds, the cowboys caught them first and the emus were ok. A New England native, Reed graduated from the University of New Hampshire with a dual degree in international affairs and history.

0 Shares

Jason HealeyJason
Healey is the director of the Cyber Statecraft Initiative at the Atlantic
Council of the United States. You can follow his comments on cyber
cooperation, conflict, and competition on Twitter, @Jason_Healey.
| Argument |

131 Shares

John Reed is a national security reporter for Foreign Policy. He comes to FP after editing Military.com’s publication Defense Tech and working as the associate editor of DoDBuzz. Between 2007 and 2010, he covered major trends in military aviation and the defense industry around the world for Defense News and Inside the Air Force. Before moving to Washington in August 2007, Reed worked in corporate sales and business development for a Swedish IT firm, The Meltwater Group in Mountain View CA, and Philadelphia, PA. Prior to that, he worked as a reporter at the Tracy Press and the Scotts Valley Press-Banner newspapers in California. His first story as a professional reporter involved chasing escaped emus around California’s central valley with Mexican cowboys armed with lassos and local police armed with shotguns. Luckily for the giant birds, the cowboys caught them first and the emus were ok. A New England native, Reed graduated from the University of New Hampshire with a dual degree in international affairs and history.